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Remarks/Arguments 

The Applicants respectfully request further examination and reconsideration in view of 
the amendments made above and the arguments set forth below. Claims 1-45, 47-52, and 59-75 
were pending. Within the Office Action, Claims 26-45, 47-52, 59, 60, 63-71, and 73-75 have 
been allowed, Claims 16-18 and 25 have been objected to, and Claims 1-25, 61, 62, and 72 have 
been rejected. Claims 46 and 53-58 were previously canceled. By way of the amendments made 
above, Claim 1 has been amended. Accordingly, Claims 1-45, 47-52 and 59-75 are still pending. 

Rejections under 35 U.S.C. § 103(a) 

Claims 1-5, 11, 12, 19, 20, 61, 62, and 72 

Within the Office Action, Claims 1-5, 1 1, 12, 19, 20, 61, 62, and 72 have been rejected 
under 35 U.S.C. § 103(a) as being unpatentable over U.S. Patent No. 7,313,694 to Riedel 
("Riedel") in view of Yu et al., "A Cryptographic File System Supporting Multi-Level Security" 
("Yu"). The Applicants respectfully disagree. 

Riedel is directed to securing file access via directory encryption. Riedel discloses 
encrypting filenames to protect them when a server is untrustworthy, such as in a distributed 
computing environment. Riedel also discloses encrypting filenames in a directory structure 
without otherwise changing the directory structure. (Riedel, Abstract) 

Yu is directed to sharing encrypted files among multiple users. At page 4 of the Office 
Action, it is stated, "Yu expands on the access control to show that it is implemented through 
Mandatory Access Control (MAC) classes. Users are only allowed access to files of other users 
within the same MAC class which reads on system-unique data for verification purposes." Even 
if this characterization is correct, a MAC class does not uniquely identify a system as does, for 
example, a Medium Access Controller (also called a "MAC") identifier, as disclosed in the 
Present Specification. 

The independent Claim 1 is directed to a computer system comprising a memory portion 
containing an encrypted data file and an operating system comprising a kernel to use a unique 
system-identifier to verify a user to control access to the encrypted data file, wherein the kernel 
comprises a virtual node (a) to decrypt an encrypted directory entry to determine a location of the 
encrypted data file and (b) to decrypt the encrypted data file to access data file contents contained 
therein. 
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Neither Riedel nor Yu, either alone or in combination, discloses the combination recited 
in the independent Claim 1 , including an operating system comprising a kernel to use a unique 
system-identifier to verify a user to control access to an encrypted data file. For at least these 
reasons, the independent Claim 1 is allowable over Riedel, Yu, and their combination. 

The limitation added to Claim 1 finds support throughout the application. A kernel using 
a unique system-identifier to verify a user to control access to an encrypted data file finds support 
at, for example, page 29, lines 4-10 (describing using a media access controller (MAC) identifier, 
which is unique among systems), and page 53, lines 6-18 (describing using user identifiers and 
MAC as part of a credentials structure) of the Present Specification. 

Claims 2-5, 1 1, 12, 19, 20, 61, 62, and 72 all depend on the independent Claim 1. As 
explained above, the independent Claim 1 is allowable over Riedel, Yu, and their combination. 
Accordingly, Claims 2-5, 11, 12, 19, 20, 61, 62, and 72 are all also allowable as depending on an 
allowable base claim. 

Claim 72 is allowable for at least one additional reason. Claim 72 incorporates from 
Claim 1 and thus recites a virtual node to decrypt an encrypted directory entry to determine a 
location of an encrypted data file. A plurality of different encryption keys encrypt different 
blocks of the data file. In contrast, Riedel discloses encrypting different directory entries with 
different keys. (Riedel, col. 4, lines 30-55) Even if the directory entries of Riedel could be 
considered data, Riedel does not disclose encrypted entries to determine a location of that data, as 
recited in Claim 72. In other words, Riedel does not disclose storing encrypted information for 
locating the directory entries. For this additional reason, Claim 72 is allowable. 

Claims 6-8, 14, and 15 

Within the Office Action, Claims 6-8, 14, and 15 have been rejected under 35 U.S.C. § 
103(a) as being unpatentable over Riedel in view of Yu as applied to Claim 1, and further in 
view of U.S. Patent Application Pub. No. 2003/0005300 to Noble et al. ("Noble"). The 
Applicants respectfully disagree. 

Claims 6-8, 14, and 15 all depend on the independent Claim 1. As explained above, the 
independent Claim 1 is allowable. Accordingly, Claims 6-8, 14, and 15 are all also allowable as 
depending on an allowable base claim. 



- 14- 



PATENT 

Attorney Docket No.: EXIT-00101 

Claim 9 

Within the Office Action, Claim 9 has been rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Riedel in view of Yu as applied to Claim 1, and further in view of Blaze, "A 
Cryptographic File System for Unix." The Applicants respectfully disagree. 

Claim 9 depends on the independent Claim 1 . As explained above, the independent 
Claim 1 is allowable. Accordingly, Claim 9 is also allowable as depending on an allowable base 
claim. 

Claims 10 and 30 

Within the Office Action, Claims 10 and 30 have been rejected under 35 U.S.C. § 103(a) 
as being unpatentable over Riedel in view of Yu, and further in view of Noble as applied to 
Claim 5, and further in view of U.S. Patent No. 5,903,881 to Schrader et al. The Applicants 
respectfully disagree. 

Claim 10 depends on the independent Claim 1. As explained above, the independent 
Claim 1 is allowable. Accordingly, Claim 10 is also allowable as depending on an allowable 
base claim. 

In the Office Action, both in the Office Action Summary and at paragraph 3, Claim 30 is 
listed as being allowed. In paragraph 14 of the final Office Action, however, it is stated that 
Claim 30 is rejected. The Applicants believe that the statement in paragraph 14 is inadvertent. 
Claim 30 depends on the independent Claim 26, which has been allowed. Accordingly, Claim 30 
should also be allowable as depending on an allowable base claim. 

Claim 13 

Within the Office Action, Claim 13 has been rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Riedel in view of Yu as applied to Claim 12, and further in view of U.S. Patent 
No. 5,727,206 to Fish et al. The Applicants respectfully disagree. 

Claim 13 depends on the independent Claim 1. As explained above, the independent 
Claim 1 is allowable. Accordingly, Claim 13 is also allowable as depending on an allowable 
base claim. 



-15- 



PATENT 

Attorney Docket No.: EXIT-00101 

Allowable Subject Matter 

Within the Office Action, it is stated that Claims 26-45, 47-52, 59, 60, 63-71, and 73-75 
are allowable. 

Within the Office Action, it also stated that Claims 16-18 and 25 are objected to as being 
dependent upon a rejected base claim, but would be allowable if rewritten in independent form 
including all of the limitations of the base claim and any intervening claims. Claims 16-18 and 
25 all depend on the independent Claim 1. As explained above, the independent Claim 1 is 
allowable. Accordingly, Claims 16-18 and 25 are all also allowable as depending on an 
allowable base claim. 



CONCLUSION 

For the reasons given above, the Applicants respectfully submit that Claims 1-45, 47-52 
and 59-75 are in condition for allowance, and allowance at an early date would be appreciated. If 
the Examiner has any questions or comments, the Examiner is encouraged to call the undersigned 
at (408) 530-9700 so that any outstanding issues can be quickly and efficiently resolved. 

Respectfully submitted, 
HAVERSTOCK & OWENS LLP 

Dated: February 9, 2010 By: /Jonathan O. Owens/ 

Jonathan O. Owens 
Reg. No.: 37,902 
Attorneys for Applicants 
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